Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
22 Cards in this Set
- Front
- Back
|
access control:
|
The mechanism used in an information system to allow or restrict access to data or devices.
|
|
|
access control list (ACL):
|
A set of permissions that are attached to an object.
|
|
|
access control model:
|
A standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications.
|
|
|
Access control list (ACL):
|
A set of permissions that are attached to an object.
|
|
|
account expiration:
|
The process of setting a users account to expire.
|
|
|
Discretionary Access Control (DAC):
|
The least restrictive access control model in which the owner of the object has total control over it.
|
|
|
Extended TACAS:
|
The second version of the Terminal Access Control Access Control System (TACAS) authentication service.
|
|
|
implicit deny:
|
Rejecting access unless a condition is explicitly met.
|
|
|
job rotation:
|
The act of moving individuals from one job responsibility to another.
|
|
|
Kerberos:
|
An authentication system developed by the MIT and used to verify the identity of networked used.
|
|
|
least privilege:
|
Providing only the minimum amount of privileges necessary to perform a job or function.
|
|
|
LDAP injection attack:
|
An attack that constructs LDAP statements based on user input statements, allowing the attacker to retrieve information from the LDAP database or modify its content.
|
|
|
Lightweight Directory Access Protocol (LDAP):
|
A protocol for a client application to access an X.500 directory
|
|
|
Mandatory Access Control (MAC):
|
The most restrictive access control model typically found in military settings in which security is of supreme importance.
|
|
|
mandatory vacations:
|
Requiring that all employees take vacations.
|
|
|
Remote authentication Dial in User Service(RADIUS):
|
An industry standard authentication service with widespread support across nearly all vendors of networking equipment.
|
|
|
Role Based Access Control (RBAC):
|
A real world access control model in which access is based on a users job function within the organization.
|
|
|
Rule Based Access Control(RBAC):
|
An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian.
|
|
|
separation of duties:
|
The practice of requiring that processes should be dived between two or more individuals.
|
|
|
TACAS+
|
The current version of the Terminal Access Control Access Control System (TACAS) authentication service.
|
|
|
Terminal Access Control Access Control System(TACAS):
|
An authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server. The current version is TACAS+
|
|
|
time of day restrictions:
|
Limitations imposed as to when a user can log on to a system.
|
